I've put a DMARC Record diagnostic tool: http://dmarcian.com/dmarc-inspector
During my adventures of informing people of their problems, I've come across a question. Given the following text from the spec: When a Mail Receiver discovers a DMARC policy in the DNS, and the domain at which that record was discovered is not identical to the host part of the authority component of a [URI] specified in the "rua" or "ruf" tag, the following verification steps SHOULD be taken: I'm taking "not identical" to mean what it says, and am flagging a warning if the domains do not match. There is the case, though, of: DMARC Record for example.org: "v=DMARC1 p=none [email protected]" Notice that the domain of where the reports should go ("bounce.example.org") is NOT identical to the discovered domain ("example.org"). According to the spec, this forces the receiver to perform the external destination authorization check. According to what seems better, should the spec spell out that if the "organizational domains" match of both domain, then no check is necessary? =- Tim _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
